The Internet, which is a human centered connectivity network where humans generate and consume information, is now evolving to the Internet of Things (IoT) where distributed entities, such as things, exchange and process information without human intervention. The Internet of Everything (IoE), which is a combination of the IoT technology and the Big Data processing technology through connection with a cloud server, has emerged. As technology elements, such as “sensing technology”, “wired/wireless communication and network infrastructure”, “service interface technology”, and “Security technology” have been demanded for IoT implementation, a sensor network, a Machine-to-Machine (M2M) communication, Machine Type Communication (MTC), and so forth have been recently researched.
Such an IoT environment may provide intelligent Internet technology services that create a new value to human life by collecting and analyzing data generated among connected things. IoT may be applied to a variety of fields including smart home, smart building, smart city, smart car or connected cars, smart grid, health care, smart appliances and advanced medical services through convergence and combination between existing Information Technology (IT) and various industrial applications.
A user terminal that is capable of executing various web services or applications using the Internet is a popular electronic device and its use has increased over the years. For example, a user may access a web service and execute an application through a user terminal such as a smart television (TV), a Personal Computer (PC), a smart phone, a tablet, a notepad, etc.
In order for a user to access a web service, an application, or the like through a user terminal, usually an input of login information, such as a user identification (ID), a password, or the like, is requested. However, it is inconvenient for a user to directly manage and input pieces of login information for a plurality of web services or applications.
In order to address such an inconvenience, a login method in which a password manager loadable in a user terminal is used, a cloud based password manager login method in which a password manager installed in a random server accessible the user terminal through Internet and the like is used, or the like is utilized.
The password manager stores login information input by a user and inputs the login information corresponding to a login information input request of a web service or an application instead of the user. The password manager is a module that increases the convenience of a user in a case of a login.
However, since a password manager loaded on a specific user terminal may only be used in that user terminal, in order for the user to log in using the password manager in another user terminal, the password manager should be installed in the other user terminal and the login information should be input to the other user terminal, Thus, the user is again inconvenienced.
The cloud based password manager login method is a method in which a user stores login information in a separate device (e.g., an external server) which is not managed by the user, and which provides the login information of the user to a web service when there is a web service requesting the login information. That is, the cloud based password manager login method requests the user to store personal information (e.g., the login information) in the separate device. In order to check and withdraw the login information stored in a cloud server, at least one master key should be used. Since the master key may be leaked due to an attack, such as a dictionary attack (i.e., an attack solving a password or an authentication by attempting lots of possible passwords using words and the like in a dictionary) or an attack using a rainbow table (i.e., a previously calculated table which is used for solving a password hash function), the master key is weak in its security. Therefore, the master key is being ignored by a user.
Thus, the existing password managing method cannot overcome disadvantages such as user inconvenience and weakness in the security, and the existing password managing method is not easily used.
Furthermore, since a wearable and portable device (e.g., a portable device) is being actively used these days, a method of using the portable device is being considered.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure